Is there an update to this / is the change coming in 2016. These are crucial tools in demonstrating adherence to SOX controls. We are hoping this is a 4Q16 still. The lack of these auditing tools is a problem, as our tenant is coming under scope for SOX audits. As an earlier comment stated, "Having an Audit trail is needed not only as datapoint for remediation, but is also required from a security compliance standpoint where auditors require us to provide explanations of why changes happened and we need to know who made the changes."
... View more

To clarify prior comment, our team believes the first priority is a true read-only platform role that cannot do anything to update data. The desire to further refine permissions at a custom field level (e.g. so role A can do updates including custom field X, while role B can do updates but not custom field X) is of lesser importance than the main need.
... View more

Efforts around permissions / read-only also need to incorporate Custom Field permissions. It is no less important to protect custom fields from update that any other field or transaction. There can be critical pieces of data stored that have far-reaching impacts (for example used in GL segmentation and mapping) that can currently be updated by ANY PERSON with Platform UI access. For example, why should a clerical person assigned to input external refunds have the ability to change an "account type" or "business entity" custom fields on the account, which in our tenant are critical for managing multi-org balance sheet assignement.
... View more